Exam AZ-204 topic 4 question 55 discussion

E. scope Scope is the parameter used to specify the permissions that the web application is requesting to access the user's resources, such as the calendar and the ability to send an email as the user. The scope parameter is typically included in the API call or in the authorization request sent to the Microsoft identity platform.

right https://learn.microsoft.com/en-us/azure/active-directory/develop/scopes-oidc

Correct Answer : E.Scope

Scopes and permissions in the Microsoft identity platform. https://learn.microsoft.com/en-us/entra/identity-platform/scopes-oidc The Microsoft identity platform implements the OAuth 2.0 authorization protocol. OAuth 2.0 is a method through which a third-party app can access web-hosted resources on behalf of a user. Any web-hosted resource that integrates with the Microsoft identity platform has a resource identifier, or application ID URI. In OAuth 2.0, these types of permission sets are called scopes. They're also often referred to as permissions. In the Microsoft identity platform, a permission is represented as a string value. An app requests the permissions it needs by specifying the permission in the scope query parameter.

scope The scope parameter in OAuth 2.0 specifies the permissions that the application is requesting. These permissions can be related to user delegated permissions (like reading a user's calendar) or application permissions (like sending an email on behalf of a user). Relevance to Authorization: This is the key parameter for defining the specific permissions your web application requires to access Microsoft Graph or other APIs.

Had this question in today's exam: 2023-07-26